Filtered by vendor Arubanetworks Subscriptions
Filtered by product Aruba Mobility Controller Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-3836 1 Arubanetworks 2 Aruba Mobility Controller, Arubaos 2024-11-21 N/A
ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the Aruba Mobility Controller allows remote attackers to cause a denial of service (Access Point crash) via a malformed 802.11 Association Request management frame.
CVE-2008-7095 1 Arubanetworks 2 Aruba Mobility Controller, Arubaos 2024-11-21 N/A
The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller does not restrict SNMP access, which allows remote attackers to (1) read all SNMP community strings via SNMP-COMMUNITY-MIB::snmpCommunityName (1.3.6.1.6.3.18.1.1.1.2) or SNMP-VIEW-BASED-ACM-MIB::vacmGroupName (1.3.6.1.6.3.16.1.2.1.3) with knowledge of one community string, and (2) read SNMPv3 user names via SNMP-USER-BASED-SM-MIB or SNMP-VIEW-BASED-ACM-MIB.
CVE-2008-7023 1 Arubanetworks 2 Aruba Mobility Controller, Arubaos 2024-11-21 N/A
Aruba Mobility Controller running ArubaOS 3.3.1.16, and possibly other versions, installs the same default X.509 certificate for all installations, which allows remote attackers to bypass authentication. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's security documentation.
CVE-2008-5563 2 Aruba Networks, Arubanetworks 3 Aruba Mobility Controller, Aruba Mobility Controllers, Aruba Mobility Controller 2024-11-21 N/A
Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame.